HACKED!

So around January 11th, 2018 I visited my website and was presented with:
OH NO!

I then spent the next day Googling all sorts of things. Besides how to fix it, also why or how it happened.

I found out I’d have to register my site with Google and request a review once I resolved the problem. Through various links and searches, I found that a script was the culprit.

Logging in via FTP and looking around my shared hosting directories I found that this wasn’t just limited to my site, although this was the first site that I received this MALWARE error. PHP files had been updated to load this script with the visitor unaware it was even happening.

The other sites hadn’t been kept up to date and have since become abandoned by their owners for one reason or another. Some were just banner pages that simply pointed their visitors to Facebook or somewhere else. Others had fully blown installations with hopes of a bright future employing all sorts of bells and whistles that third-party plugins provide, although left untouched with no updates applied.

So the sites that were beyond an easy quick fix, I simply deleted them. I put HTML Pages in their place. I decided I would only leave those installations that were being maintained on the server. Why have a full-blown CMS run a simple one-page site? The files that had been altered could have been anywhere and my goal was to repair mine and prevent it from just happening again.

So, the sites I myself maintain and monitor have been fixed, updated and protected. If yours was one of those that I replaced with simple HTML, now you know why.

Problems Update

Regarding Verizon.Net :: A change on the PF firewall’s rule set.  Forever the bridge was never in the ruleset and everything seemed to work just fine.  Finally, because of the proper testing environment, found out it was my own problem all along.  Added rules to address the bridge interface directly.  Those rules never seemed to have been needed before … or were they?

Regarding the Wireless Router :: I gave up on it as the MBP17 acted flaky since I unplugged the hard wire …  The MBP15 seemed okay with it and remained logged in to IRC room on #pf (which is where I was seeking firewall help) and I guessed at the bridge rule … It happened to work … Anyway, I plugged the cables back in and I think I’m going to try the router that I originally bought that fixed all the problems before …  Last resort is to buy Apple’s wireless router.

Now digging through all old email, etc. and finding email addresses that I need to send an update to … It seems I haven’t sent a newsletter since 2007 .. Hmpf!  Well, no news is good news, right?

Sometimes I cause my own problems … really!

A quick update to let you know how Andy Reid and I are alike … I’ve goofed.

Number 1: I thought the Internet was slow from the new connection and called service to have it diagnosed.  All the while placing the blame on them, it was I who had coded in the firewall rules the throttling for the old T1.  After I changed the values to reflect the much higher speed that is now available, lo and behold it smokes now.

Number 2: While poking in the firewall I started thinking about my Verizon woes again and decided to try to tackle this once again since this problem of not being able to connect has plagued me through 3 or 4 Internet connections.  For the first time I was able to connect through my connection, but not through my firewall.  With my firewall “opened up” for the mail server, it still will not work over the bridge.  I can telnet to hotmail perfectly fine and then in the very next command watch telnet time-out to Verizon.net.  I feel that I’m closer to a solution though as I now have something to go by and it’s been my fault all along.  So I should take down my “Verizon Sucks” post?

Number 3: The post that’s gotten the most comments here was about the Mac and the Self Assigned IP.  While not everyone has used my solution, they’re thanking me for the posting of someone else’s solution.  That’s fine.  Since my solution was a Belkin router, when I started to move things over to the new location I bought the very same router.  Shortly into my Internet usage, the wireless signal would be lost after a certain amount of time.  Not the IP problem, just connectivity.  Weird.  I made sure that the configurations were the same with the original router and this new one.  They were.  I couldn’t figure it out, so I hard-wired and it’s been that way ever since.  For some reason I went in the router recently and noticed the Firmware Update.  It was two releases behind.  I upgraded the firmware, popped out the network cables and have been wireless ever since.  Did the newer router come purchased with an older firmware?  I won’t know until I check the old router, but if I were a betting man …

You learn something new every day.  I’m not entirely opposed to admitting when I’ve done something wrong, but I sure thought in the first two cases that I was right.  The last here is an honest mistake I think …  What say you?

Verizon Sucks

I see I have a lot of Verizon visitors and I figured I would express my displeasure with Verizon just for you. You should be flattered.

#1 reason why Verizon sucks?  I can’t send “verizon.net” people email from my mail server.  I spent an entire day trying to communicate this to Verizon support and I got absolutely nowhere.  The people with the accents kept asking for my Verizon email address or my DSL phone number no matter how many times I told them I wasn’t a Verizon customer.  I asked for the phone number for their NOC who handled their mail server.  Confusion.

Their web interface doesn’t work either.  I am not using my mail server to browse web sites and use their white-listing page.  My mail server is in a dark server room dutifully sending and receiving email 24 hours a day.  Fighting SPAM and Viruses and doing a damn good job of it, but Verizon won’t accept my email.  I receive the email from the nice web interface telling me that everything is okay, and when I reply to that email, my email is returned 7 days later never being able to make an SMTP connection with Verizon.Net’s servers.

I resorted to opening a ticket with my upstream provider, and they had no luck in helping me.  They suggested I reach out to Verizon customers and have them complain that they can’t receive email from me.  Can’t say as I know any Verizon.Net customers, nor could I email them asking them such a favor.  They were able to telnet to Verizon’s listed MX and issue simple telnet commands, so they assume that any of their IPs would be able to do the same.  Well I try from my mail server and other machines, and all I do is time out.  I just sent another letter to my provider, but it’s Verizon that needs to provide me support.

Anyone from Verizon, please respond to this post and help me deliver mail to your customers from my customers.  Thanks.

#2 reason why Verizon sucks?  They advertise FIOS constantly on my TV, but it isn’t available in my area.  Comcast dominates the Philadelphia area and Verizon finally won against the powers that be to start installing FIOS in the Philadelphia area.  Where do they start?  In the suburbs.  If I could get FIOS to my location, my connection speed will increase 100 times and I will pay absolutely no more money per month for my connection.  That’s substantial for me.

I just got Comcast Internet installed at a new location and it blows away my high priced connection.  It is an eye opener, but Verizon has been teasing me for so long.  I need new copper run for my local loop, but an insider told me that they won’t run new copper, they want to install FIOS – well it’s not available in my area, and I have to deal with outages and bounces … That makes Verizon suck!

Bottom line, hey – Verizon, install me some FIOS and let me deliver email to your mail server, and we’re golden!  Thanks again …